Europe’s Data Protection Regulation and the EU -U.S. Privacy Shield-the New Normal for Everyone?

During a September of 2014 Intellectual Property Law Conference in Duesseldorf, Germany[1], Birgit Sippel, a member of the European Parliament informed the audience that the Parliament overwhelmingly supported far greater restrictions on collector and processors of personal data than currently provided and regardless of where they were situated. Ms. Sippel went on to state that the Parliament would swiftly adopt a 2012 proposal to establish an EU wide regulation, bolstering the rights of EU data holders and creating data protection agencies authorized to handle complaints against data collectors or processors.

At that time, I commented in a blog that U.S. firms doing business with EU customers in which they collect, use or process personal data could not expect that their U.S. data processing practices could continue in the EU without specific attention to the EC Directive and related data protection rules. Several months prior, in May of 2014, the European Court of Justice (ECJ) had held in a case involving a Spanish citizen and Google, that not only did EU rules apply to data collectors which sell advertising space in the EU, regardless of where the server was located, but the data holder has the right to request removal of links with personal information under specific circumstances and require the collector to comply.[2] Google lost the case, and the so-called “right to be forgotten” was incorporated into the EU data protection rules that were adopted in December of 2016, largely in line with the Ms. Sippel’s position.

After the Google ruling, an Austrian citizen filed a complaint with the Irish Data Protection Commissioner against Facebook, which is incorporated in Ireland, challenging Facebook’s transfer of his personal data to the U.S. on the grounds of inadequate protection in the U.S. The complainant’s appeal in Ireland was stayed until the ECJ ruled, with the Court finding that the then-applicable decision of the EU Commission on adequacy with regard to the U.S. data protection standards was invalid. This Court decision from October of 2015[3] thus upended the existing framework permitting U.S. processors to transfer EU data holder information to U.S. servers.

The EU Commission returned to the negotiating table with its U.S. counterparts to address the Court’s concerns with respect to U.S. companies’ data practices, and in August of 2016, a new bilateral agreement, the EU-U.S. Privacy Shield framework, came into effect, replacing its predecessor Safe Harbor framework.

Then, at the end of 2016, the EU adopted the General Data Protection Regulation or so called “GDPR” (the “Regulation”),[4] which replaces the current EU Directive 95/46 on data protection, and is to be fully implemented by the EU Member States by May of 2018.

What the Regulation protects

The Regulation protects the use of personal data of individuals by data processors which collect, use, or process such data in any manner for commercial purposes.While the EU data regulatory framework is far more comprehensive than the Regulation and includes additional laws related to health care data, law-enforcement,[5]institutional use and other areas, the Regulation and the accompanying EU-US Privacy Shield framework represent the core data protection rules which affect U.S. businesses.

The Regulation covers personally identifiable data of any data holder with an address in any of the 28 EU countries, the EEA countries of Norway, Iceland, and Liechtenstein, and Switzerland, and accords rights and safeguards to them, regardless of where the data collector or processor is located.

Under the Regulation, the data holder is the owner of his or her data. The holder is entitled at all times to -and must consent to- third party use of his or her data. The holder may revoke his consent to use or may require erasure or removal of data to which the holder previously agreed. As a result, data collectors must ensure that the data holder:

  1. has one or more means or giving consent to the processor’s use of the holder’s data in a clear, affirmative way. (opt in, not opt out);
  2. is able to request access to the holder’s data, and access must be made easy and available to the holder at reasonable intervals;
  3. may object to the continued use of his or her data, request that it be rectified or have it erased or removed, even if the data holder previously agreed to use.

How data holders’ rights are enforced

The Regulation institutes simplified administrative and judicial remedies for complaints and their resolution. The data holder may submit complaints to a single supervisory authority in each Member State or to one of several agencies in the United States in the case of complaints against a U.S. data processor.

All data processors which process information of EU data holders are required to designate a representative to act on behalf of the processor and with regard to the Member State’s supervisory authority, to cooperate with that authority to ensure its compliance with the Regulation, and in the event of a breach, to be subject to enforcement proceedings. U.S. controllers or processors without an establishment or presence in the EU must also designate a representative to act on behalf of the processor with respect to a Member State’s supervisory authority, and in the event of any breach of the Regulation’s rights to data holders, expect that complaints will be processed by the authority.  A data holder is also entitled to judicial remedies against an administrative ruling of the authority or in the event the authority fails to carry out its duty to process a complaint in accordance with the Regulation’s dictates.

The data holder’s remedies cover “material or non-material damage”, which occurs from a processor’s proven infringement of the holder’s rights, and in either case, the holder is entitled to compensation.

The EU-U.S. Privacy Shield and U.S. Processors

Under the predecessor directive to the Regulation, the EU Commission was authorized to decide on the adequacy of legal protections in countries outside of the EU, including the U.S., prior to permitting transfers of personal data of EU data holders outside of the EU for processing. Although the Commission had instituted the Safe Harbor framework, in the wake of additional case law (see Schrems Decision), it was compelled to reform the framework, which in turn lead to the Privacy Shield[6] and a system of certification to ensure ongoing compliance.

Under the certification system, U.S. processor companies commit to the U.S. Privacy Shield principles and voluntarily apply for certification through the Department of Commerce, FTC or DoT, depending upon the authority responsible for the particular industry in which the processor operates. In exchange for this certification, processors are permitted to transfer or continue transferring data of EU holders outside of the EU for processing. Certification is subject to annual review and renewal by the agencies involved and to these agencies’ enforcement powers. EU data holders are able to submit complaints to the data protection authority in the holder’s Member State of residence or to the U.S. agency concerned for handling. If need be, resolution through alternative dispute resolution, such as arbitration, is further provided.

As of this September, a significant number of large U.S. data collectors and processors have certified with the Department of Commerce. Moreover, the Privacy Shield framework is subject to ongoing review, monitoring and enforcement by the EU Commission, and be updated or changed to address new issues as they arise. Thus, it is not a one-time compliance issue, but an ongoing one with the prospect of increased supervision or restriction.

Take Aways for Data Holders and Processors

Well before 2014, European laws and attitudes towards the collection and use of personal data have been more restrictive than in the U.S. The Regulation is built upon decades of precedent and represents the next level in ensuring stricter standards and uniform application of the law’s provisions to all EU and EEA countries, plus Switzerland.

The EU Data Holder Wields the Power

Most U.S. data processors have based their operation on the premise that personal data made available to the processor is for use at the service provider’s discretion, and that once given, the processor has few restraints other than to protect again hacking or other security breaches that may affect specific transactions such as credit card processing, credit reporting which involve financially sensitive data. Once disclosed to the processor, the data holder is not given control over current or future use, nor the means to take specific affirmative action to restrict or correct the data disclosed. A very different model applies in the EU. The European personal data holder is the owner of his or her data and is entitled to affirmatively consent or “opt in” to specific uses by the data processor. At any time, the data holder may revoke, amend or request removal of data, and the processor must comply. Noncompliance has the consequences of answering to a data protection agency and potential liability for compensation.

While to date there may not have been much debate in the U.S. over the rights of the data holder, European thinking on personal data and privacy may prompt more vigorous discussion over the power that large U.S. data processors exercise in the U.S. market, in great part due to the personal data they have collected. One recently dissenting voice is that of University of Southern California’s (USC) communications professor, Jonathan Taplin. In Taplin’s book, “Move Fast, Break Things”,[7] he makes the case that firms such as Google, Facebook, and Amazon have immense influencing power over our daily lives because of the personal data which U.S. holders have unwittingly provided. In turn, such data control has helped to give rise to monopolies each online service now has in search (Google), social media integration and messaging (Facebook), and books and other items (Amazon).

European influence on Data Operations in America?

Historically U.S. firms and American institutions have played a major role in influencing commercial practices, policy and culture well beyond U.S. borders. Under the Privacy Shield, the EU Commission decides what data can be collected, used and processed with regard to EU data holders and whether the policies and practices in the U.S. are adequate to permit data transfer to the U.S. As the data protection rules are subject to ongoing review and will evolve as cases are tried and complaints heard, U.S. processors can expect that collection, processing and transfer operations will continue to be monitored and to be subject to higher standards and restrictions. The new normal in EU data collection and processing can be likened to a nonexclusive license granted by the data holder to the processor, which the holder may revoke, amend, or request be entirely removed at any time, rather than a one-time transaction where the holder makes the disclosures to the processor and the processor is free to use the data as it sees fit.

To the extent a data collector or processor does not provide mechanisms which ensure that the data holder’s rights are ensured and provide the measures to enforce them, the processor’s business model, means of operation or management practices will need to be adapted to do so. This is very likely to result in additional costs to institute affirmative consent or closer interaction mechanisms with data holders and to accommodate requests to rectify or remove data. Indeed, a recent PwC Survey found that among large American processors, the most frequently implemented compliance measures included certification under the Privacy Shield and instituting binding corporate rules, at an investment cost of more than $1 million.[8]

If these compliance mechanisms are put in place for EU data holders, why not offer such protections to all data holders, including those in the U.S.? Even if data processors are not considering this from the standpoint of simplifying commercial operations, it seems that U.S. data holders ought to be asking this question for themselves.

What the future may bring

U.S. data holders may presume that the ease and convenience in the services which data processors provide is not only worth the data holder’s consent to wholesale use of the holder’s personal data, but that this bargain initially struck with any processor is not open for discussion. Europe, in contrast, acknowledges the data holder’s rights to value and control personal data, regardless of convenience of service, and is compelling U.S. companies to adapt their current business models and systems to comply with more comprehensive levels of data protection required by the Regulation.

The debate in America on data security has been sparked by security breaches at Yahoo, Equifax, and with regard to Uber’s recent announcement of a hacking of its site that has only recently come to light. However, it is the EU data protection authorities that are taking action to investigate Uber’s breach. The ride share service’s breach is now subject to an investigation by the Dutch data protection authority under Holland’s rules which are quite stringent, the Netherlands being the site of Uber’s European operations. Austria and Poland are launching separate investigations of the potential breach, and the U.K. and Italy may join. This has prompted the EU to consider launching a EU probe. Such an EU investigation would not, however, negate the imposition of sanctions at the Member State level at least until the Regulation takes effective next May, and Holland’s maximum fines are high, up to 820,000 Euro.[9]

U.S. data holders’ ire over hacking and companies maintaining secrecy about breaches has not yet lead to a vigorous debate as to who is in control of personal data and what individual rights and remedies a data holder has. The Regulation and Privacy Shield should prompt a far deeper reexamination of how we view our personal data and what we require of the businesses making use of it. Do we want the rights to erase, remove, or change the data we give, and to have links removed so as to “be forgotten”? What should be the consequences to processors if U.S. data holders’ rights are breached or adversely affected? It may be time for a simplified process to file complaints, and seek redress administratively or judicially without the costs outweighing the benefits. And if, as with Uber, a large number of customers are affected, why shouldn’t sanctions or fines apply? We’ve imposed them for antitrust violations and intellectual property infringement. Why wouldn’t we consider them for egregious breaches of personal data?

Leslie Williams, partner Wilson Keadjian Browndorf LLP

© 2017 Leslie Williams

This article is current as of December 4, 2017

[1] German Intellectual Property Law Association (GRUR) Annual Conference September 2014, (

[2] Judgment of the Court (Grand Chamber), 13 May 2014. Google Spain SL and Google Inc. v Agencia Española de Protección de Datos (AEPD) and Mario Costeja González. ECLI:EU:C:2014:317.

[3] Judgment of the Court of 6 October 2015 Maximillian Schrems v Data Protection Commissioner Request for Preliminary Ruling from High Court Ireland; C-362/14 ECLI: EU:C 2015.650 (hereafter “Schrems Decision”).

[4] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1–88). The Regulation replaces its predecessor Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (OJ L 281, 23.11.1995, p. 31).

[5] Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data and repealing Council Framework Decision 2008/977/JHA.

[6] Commission Implementing Decision (EU) 2016/1250 of July 12 2016 pursuant to Directive 95/46/EC of the European Parliament and of the Council on adequacy of protection provided by EU-US Privacy Shield (C 2016 4176; O J L 207, 1.8.2016 p 1-112).

[7] Move Fast and Break Things: How Facebook, Google, and Amazon Cornered Culture and Undermined Democracy, Taplin, Jonathan, MacMillian 2017.

[8] “GDPR Compliance Top Data Protection Priority for 92% of US Organizations in 2017, According to PwC Survey”, PwC. 23 January 2017,

[9] “EU considers investigation into Uber Hack”, Financial Times, 23 November 2017,

Wilson Keadjian Browndorf, LLP Adds Mark Peroff and Darren Saunders as Partners in the Intellectual Property Practice Group in the Firm’s New Times Square Office

NEW YORK, NY, July 31, 2017: Wilson Keadjian Browndorf, LLP (“WKB”) announced that Mark I. Peroff and Darren W. Saunders have joined the firm, representing the next step in the firm’s expansion of its New York intellectual property practice. Both lawyers have practiced together for over 15 years and join from Manatt, Phelps & Phillips, LLP, where they served as partners.

Mark Peroff will serve as Managing Partner of the New York office and Chair of the Intellectual Property Practice Group. Darren Saunders will serve as Partner of the New York office. The powerhouse duo will operate out of WKB’s newly acquired professional space located in Times Square at 114 West 47th Street, 18th Floor, New York, NY 10036, which will accommodate additional legal support staff and new attorneys as the firm continues to grow.

“With clients facing increasingly complex IP challenges as a result of growing global competition and converging technologies, it’s become more important for us to invest in our ability to serve all our clients’ needs in managing, acquiring and leveraging their IP assets,” said Matthew C. Browndorf, Managing Partner of Wilson Keadjian Browndorf, LLP. “Mark and Darren are powerful additions in the strategy of growing our intellectual property practice in New York. Their expansive knowledge and experience tremendously amplifies our intellectual property practice capabilities, which will enhance our existing core practice areas and help accelerate our growth.”

Mark Peroff said “Early in my career I served clients in a small firm setting and focused on delivering higher quality IP services at a reasonable price for a few industries. During the past decade I practiced in large law firms offering an array of legal services for my large clients, but I missed the collegiality and friendliness of the small law firm environment. I had many options after I decided to relocate my practice to a small law firm and found Wilson Keadjian Browndorf to have the perfect combination of collaborative culture and dedication to clients in an entrepreneurial environment. Matt Browndorf has created an exciting environment in which lawyers can thrive by concentrating solely on the practice of law.”

Darren Saunders added “Working with Mark Peroff on cutting edge complex, high-profile IP litigation matters during the past decade has been a pleasure. Working in this new entrepreneurial environment will be exciting.”

New Professional Space

The new space boasts 5,535 square feet – an increase of over 4,000 square feet from the firm’s prior location – and will feature a contemporary environment filled with natural light and glass partitions to promote an open work environment and foster teamwork. In-line with the firm’s goal of incorporating cutting-edge technology into its practice, the new office will be equipped with VoIP communication devices, interactive media tools and modern workstations furnished with a set of collaborative software suites so individuals at each WKB office can maintain communication, work on the same projects, at the same time, in real-time.

“Expanding our presence in New York was a logical step in our growth strategy,” stated Matthew C. Browndorf, Managing Partner of Wilson Keadjian Browndorf, LLP. “After adding two well-known and experienced IP litigators from prestigious law firms to our rich and diverse talent pool, we saw an opportunity to further expand staffing in our legal, administrative and support departments, thereby increasing our ability to provide quality legal service to current and future markets.”

The move to a larger office will allow WKB to attract and recruit top talent in the IP space. With the new office and support staff, WKB will be better positioned to serve and efficiently handle increasing caseloads while continuing to provide superior legal services.


Mark I. Peroff previously served as partner with Manatt, Phelps and Phillips, LLP, and before that, served as co-chair of Hiscock Barclay’s branding, trademarks and copyrights practice. For over 35 years he has counseled clients on procuring, maintaining, and enforcing or defending their intellectual property rights in the US and abroad, focusing on trademark, copyright and domain name protection. His practice includes counseling clients in litigation; licensing and assignments; development/implementation of anti-counterfeiting enforcement programs; due diligence in acquisitions and divestitures; opposition/cancellation proceedings before the US Patent and Trademark Office; and administrative tribunals under the Uniform Domain Name Dispute Resolution Policy, Digital Millennium Copyright Act Notice and Taken Down Procedure. Mark Peroff has also been recognized as one of the top filers of trademark applications (7,500+) in the US.

Darren W. Saunders previously served as partner at Manatt, Phelps & Phillips, LLP. His practice focuses on trademark litigation, copyrights, patents, IP licensing transactions, advising clients on IP-related bankruptcy issues, domestic and international anti-counterfeiting enforcement, unfair competition and false advertising. He has represented clients at the trial and appellate levels and in administrative proceedings before the US International Trade Commission and the US Patent and Trademark Office.

About Wilson Keadjian Browndorf, LLP

Wilson Keadjian Browndorf, LLP, is a mid-size full service law firm, offering its clients the energy, efficiency and creativity of a small, growing firm with the skills and experience of a larger firm. The firm serves the unique needs of the mid-sized market including advice on the internationalization of mid-size firms.  WKB’s attorneys’ experience is as diverse as its client base, and includes significant experience in traditional industries such as finance, project development, construction, intellectual property, WKB leverages its strengths to provide the same type of professional results as the larger firms but at far more competitive rates.

Media Contact
Danny Kim

Social Media Contacts
Facebook @WKBLLP
LinkedIn @WilsonKeadjianBrowndorf

Wilson Keadjian Browndorf, LLP Welcomes Andrew Corcoran as New Partner

WASHINGTON, DC, July 17, 2017 – Wilson Keadjian Browndorf, LLP is pleased to welcome the addition of Andrew Corcoran as Managing Partner of the Firm’s Washington, DC office. Mr. Corcoran is licensed as an attorney in New York and the District of Columbia and will operate out of the Firm’s Maryland office. Mr. Corcoran is not licensed to practice in Maryland. Prior to joining WKB, Mr. Corcoran practiced at the international law firm of Skadden, Arps, Slate, Meagher & Flom, LLP, for nearly 12 years.

“We are excited to have a partner of Andrew’s caliber join the firm and his personality fits our culture like a glove,” said Matthew C. Browndorf, Managing Partner of Wilson Keadjian Browndorf, LLP. “He is an extremely effective litigator with sound judgement, and he is a great communicator. We look forward to a dynamic collaboration.”

Mr. Corcoran is a veteran litigator and enriches the Firm by adding fresh perspective to a growing pool of extremely talented attorneys. Some highlights from his career include: representing a Fortune 500 institutional bank in a civil litigation matter concerning terms of more than $1 billion commercial mortgage securitizations; resolving a highly complex dispute regarding damages for the destruction of industrial equipment valued in the millions; defending against class action lawsuits and RICO actions; defending against alleged securities violations; and setting precedent with a landmark case focused on enforcement of foreign judgments in the state of New York.

About Wilson Keadjian Browndorf, LLP

WKB has offices strategically located in California, New York, New Jersey, Nevada, Pennsylvania, Maryland, Illinois, Indiana, Wisconsin, Cologne, Germany (non-affiliate office); and London, England, with over 30 attorneys specializing in a comprehensive array of legal matters including administrative law, commercial litigation, intellectual property, information technology, mergers and acquisitions, real estate, structured products, and private equity.

Media Contact
Danny Kim

Social Media Contacts
Facebook @WKBLLP
LinkedIn @WilsonKeadjianBrowndorfLLP

Summary of the US Delegation trip to Germany (May 5-8, 2017)

During a five-day trip to Germany in early May, the members of Senate of the Economy, Inc.’s Delegation met with their German counterparts. Attending from the United States were Leslie Williams, partner of Wilson, Keadjian, Browndorf LLP, her cofounder of the Senate, John Gosch of Prager, Metis, Jack Holcomb, a Los Angeles lawyer and cochair of the American Council on Germany, and the Senate’s President, Michael Rolland.

The Delegation first met on May 5 in Ludwigsburg, near Stuttgart, to attend a daylong conference on “Best Practices of World Market Leaders from Baden Wurttemberg.” This Conference, sponsored by the Academy of World Market Leaders and the German Senat der Wirtschaft, included as key speakers Robert Friedmann, board member of Wuerth Group, Dr. Mark Hiller of Recaro Aircraft Seating AG, and Oliver Blume of Porsche AG. Of the best practices discussed were how the leaders entered foreign markets and not only maintained their presence there but grew. At the end of the Conference, Dr. Norbert Lammert, President of the German Parliament, addressed the attendees, providing his perspective on the current economic and political climate in Europe.

The following day, the Delegation traveled to Hamburg to meet members of the German Senat and the former Vice President of the EU Commission, Günther Verheugen, for a discussion on Transatlantic Relations under the new Trump Presidency. In the evening, 50 members of the German Senat, all heads of companies, and the Delegates took an evening tour of the harbor in celebration of Hamburg’s Harbor Day.

On the final stop of the trip on May 8 in Berlin, the Delegates held an afternoon meeting with the Economic Minister of Rheinland-Pfalz, Dr. Volker Wissing to exchange of thoughts on prospects for trade and investment between this German state and the West Coast, notably in smart farming and biotechnology.

Innovators Can Sleep at Night if Their Trade Secrets Are Well Protected

Trade secrets are considered the oldest form of intellectual property in the world, and in the 21st century trade secret assets may become the largest, most lucrative driver for the United States in a world that largely tolerates theft of innovation. The motto “Don’t Innovate, Imitate” need not be an issue, though, when trade secret assets are well-protected.

Depending upon the type of trade secrets case, plaintiffs’ outcome may be more favorable when they elect to file in State courts, because of the “Uniform Trade Secrets Act” UTSA and its flexibility.

The UTSA has been a great success, with 99 percent of US states implementing its provisions. However, the Uniform Act does not encompass remedies for criminal prosecution. This has led to some jurisdictions adopting their own criminal law in respect to trade secrets.

By example, the adoption of criminal sanctions by California of the Penal Code § 499c, covers criminal prosecution for misappropriation of trade secrets.

Protection for misappropriation of trade secrets differs substantially between the California penal code and the recent “Defense of Trade Secrets Act” (DTSA) – Defend Trade Secrets Act. For example, Cal. Penal Code § 499c does not provide for the protection of trade secrets in the course of prosecution. Whether in practice California courts will protect the confidentiality of a trade secret, is dependent upon pursuit of protective relief from the Court.

In contrast, the DTSA requires the court to “take such . . . action as may be necessary and appropriate to preserve the confidentiality of trade secrets,” and creates a right of interlocutory appeal from any decision or order authorizing or directing the disclosure of a trade secret for the United States Government when prosecuting theft of trade secrets. Further, section 1835 of the DTSA as amended, additionally prevents courts from directing the disclosure of any information the owner asserts to be a trade secret without first allowing the owner to submit under seal a description of their interest in keeping the information confidential, and explicitly dictates that “the provision of information relating to a trade secret to the United States or the court in connection with a prosecution under that chapter shall not constitute a waiver of trade secret protection.”

In California, offenders convicted of theft of trade secrets under section § 499c of the penal code are guilty of theft, which (assuming the value of the secret(s) stolen is above $950). It can be a felony punishable by imprisonment up to three years (pursuant to the sentencing guidelines codified in Cal. Penal code § 1170h) and required restitution (Cal. Penal code 487). Further, § 499c codifies specific penalties, including imprisonment not exceeding one year (pursuant to the sentencing guidelines codified in Cal. Penal code § 1170h), or fines up to $5,000, or both, for those who induce another to misappropriate a trade secret.

The DTSA provides for significantly steeper penalties: imprisonment up to ten years, or fines up to $250,000 (18 U.S.C. § 3571), or both, or for organizations that engage in theft of trade secrets, fines (recently increased by the DTSA) up to the greater of $5,000,000 or three times the value of the trade secret to the organization (includingthe avoided cost of research and development).

DTSA further provides explicit immunity from criminal liability for whistle blowers, while Cal. Penal Code 499c has no such provision. The language of the elements of trade secret theft in § 499c is drafted in such a way as to appear to leave open to criminal prosecution of someone who acts with the intent to appropriate a trade secret even if they do so exclusively for the use of a law organization or other appropriate enforcement entity in the event of a “whistle blower” scenario. The Federal statute is explicitly applicable to foreign acts.

And, the DTSA dictates that §§ 1831-39 apply to conduct occurring outside the United States if the offender meets the following criteria: is a U.S. citizen or permanent resident alien, or a corporation organized in the U.S., or if an act in furtherance of the offence was committed in the U.S. Cal. Penal Code § 499c is subject to the limitations of the extraterritoriality of California criminal law generally.

Key Differences Between the Federal Criminal Statute and the California Statute Relating to Theft of Trade Secrets

Accordingly, the key differences between the federal criminal statute and the California statute dealing with criminal conduct is that the federal statute provides a procedure which is efficient and, at the same time, protects the confidentiality of the trade secret. Further, the procedure against criminal conduct is stricter with DTSA.

Under the DTSA federal courts operates under a single, national standard for trade secret misappropriation and a transparent set of procedural rules, offering predictability and ease of use. Second, federal courts provide nationwide service of process and a unified approach to discovery, enabling quick action by trade secret owners even when confronted with actors in multiple jurisdictions. Third, as a result of their extensive experience with complex cross-border litigation involving intellectual property, federal courts would be able to resolve jurisdictional issues quickly and applications for injunctions or seizures fairly. Fourth, their generally more predictable discovery procedures will serve the legitimate needs of trade secret plaintiffs, who typically must develop most of the facts to prove their case through defendants and third parties.

Finally, while the DTSA is not preemptive and would allow litigants a choice to sue in state or federal court, the opponents fail to explain why having that choice should be deemed undesirable “forum-shopping,” any more so than in other areas, such as trademark and securities law, where concurrent state and federal jurisdiction has long existed.

If you’re looking for protection outside criminal acts, then the UTSA offers, essentially, reliably case law that can be highly beneficial to companies that operate across state lines and that have relied upon established commercial trade secrets standards. Thus, the trade secret protections that have been enacted for many years under the uniform trade secrets act provide reliable safeguards for the majority of trade secret disputes.

However, if is a plaintiff is seeking criminal sanctions, it may be prudent to proceed under the DTSA.


Uniform Trade Secrets Act (UTSA)

Defend Trade Secrets Act (DTSA, 18 usca)

Cal Penal Code section § 499c

Principals In Los Angeles Law Firm, Shaub & Williams Join Irvine-Based Wilson Keadjian Browndorf, LLP

LOS ANGELES – Attorneys David R. Shaub, Leslie Williams, and Lisbeth Bosshart Merrill have joined the law firm of Wilson Keadjian Browndorf, LLP (WKB), a bicoastal, full-service white shoe firm. This move will expand the firm’s practice areas in patent litigation, intellectual property, and international business. Shaub will remain in the West Los Angeles office as WKB’s Managing Partner, and Williams and Merrill will work at the Firm’s flagship Irvine, California office. Williams will be a Corporate Transactions partner, while Merrill will head up the Firm’s Commercial Litigation Department.

David Shaub, whose primary interest lies in complex litigation and intellectual property protection, founded Shaub & Williams, LLP, in 1984. Leslie Williams, who later came onboard, specialized in European Union and transactional law, and was subsequently joined by Lisbeth Bosshart Merrill, whose practice areas include business litigation and transactions, international commercial arbitration, and intellectual property law with an emphasis on intellectual property litigation.
According to WKB Managing Partner Matthew Browndorf, the firm seeks to bring attorneys together who have extensive capabilities and a broad sphere of influence in the business communities from which they draw their clients.

“The Shaub & Williams team will add a dimension to WKB that focuses on the specialized legal areas that we are looking to expand, based upon client demand,” says Browndorf.

WKB has offices in New York, New Jersey, Pennsylvania, Maryland, Washington DC, Illinois, Indiana, Wisconsin, Arizona, Nevada, Cologne, Germany (non-affiliate office); and London, England, with over 30 attorneys specializing in a comprehensive array of legal matters. They range from administrative law, to commercial litigation, intellectual property, information technology, real estate, structured products, and private equity.

Building & Nurturing Relationships at ABS Vegas 2016

WKB sponsors one of the largest capital market conferences

WKB is proud to have attended the ABS 2016 conference held in Las Vegas Nevada from February 28th – March 2nd.  This conference is put on by the IMN and SFIG organizations and was attended by more than 6,000 of the most intelligent and prolific players within the capital markets; including, financial institutions, asset managers, regulatory agents and seasoned veterans from across the world.

The WKB team was honored to participate and help sponsor this event, it truly was an event to remember.  New relationships were formed and lasting friendships were nurtured while WKB’s Structured Products Group explained how the team plans to innovate within this dynamic market.

Thank you to all of those who visited the WKB booth and shared in the memories that is ABS Vegas 2016.

Judgment Obtained By Marc Lazo

WHB is pleased to congratulate its litigation partner Marc Lazo and his trial team on obtaining a judgment in favor of our clients in excess of $1.4m in Orange County Superior Court, California. The case involved real estate fraud and misrepresentation, and the judgment includes recovery of contractual attorney’s fees and will be amended to add punitive damages. More details to come!


In KSR v. Teleflex, the Supreme Court issued one of the most significant decisions dealt to intellectual property law in decades. The ruling effectively restructures the approach used by courts to determine whether a claimed invention is ‘non-obvious,’ a historically ambiguous and ill-defined condition to obtaining a patent.


Received successful motion for summary judgment for client Gerling Global Reinsurance Corporation in U.S.D.C. District of Connecticut.